<html><head><title>Intern - Cybersecurity (Masters Degree) - Multiple Locations - Foster City, CA</title></head>
<body><h2>Intern - Cybersecurity (Masters Degree) - Multiple Locations - Foster City, CA</h2>
Job Description<br/>
<br/>
<p>Data breaches and identity theft pose an existential threat to our business, and in today’s hyper-connected world, that threat is escalating. The growth of digital, mobile and Internet of Things (IoT) is bringing payments to millions of new connected devices—and millions of new potential entry points for cybercriminals. Today’s criminals are relentless in their attempts to exploit vulnerabilities with increasingly sophisticated malware, social engineering, and brute force attacks. To protect Visa’s assets in this dynamic threat landscape, we’re deploying new cyber-security tools, collaborating across industries, and taking a proactive approach to monitoring the cyberspace beyond the Visa network.</p><p>
We have matured from a compliance-driven organization to an agile one that can actively defend against threats and proactively manage risk for the enterprise. To maintain our impressive track record of zero breaches to the Visa network, we must stay vigilant in tracking our adversaries and evolving our approach to thwart new and emerging attack vectors.<br/>
<br/>
<b>Teams Actively Hiring within Cybersecurity</b></p><p><b>
Security Architecture and Engineering</b></p><p>
Defines and attests security architecture and standards for all Technology solutions, infrastructure, and applications. Also engineers security solutions and services to reduce attack surface in Visa’s products and infrastructure.</p><p><b>
Identity and Access Management (IAM)</b></p><p>
IAM is the security and business discipline that enables the right user to access the right resources at the right time and for the right reasons. Key IAM functions include access requests, user on-boarding, off-boarding, transfers, user access re-certification; privileged access management, single-sign-on, multi-factor authentication, and role based access control. IAM strives to set the correct balance between convenience/user-experience and compliance/enterprise risk reduction.</p><p><b>
Cyber Defense</b></p><p>
Focuses on delivery of 24x7x365 days security monitoring, incident response and investigations, and threat intelligence capabilities for Visa. We have adopted an intelligence-driven defense and response to cyberattacks of consequence. We have enhanced several key functions including Database Activity Monitoring, File Integrity Monitoring, and Distributed Denial-of-service (DDoS) protection across all critical applications and implemented a Next-Generation Firewall Platform.</p><p><b>
Cyber Engineering</b></p><p>
Enables cyber innovation by the rapid design, creation, and deployment of technologies and processes that will provide a level of confidence and protection to our stakeholders and partners.<br/>
<br/>
<b>Governance Risk and Compliance</b></p><p>
Evolve and strengthen our dynamic risk and compliance framework to enable Visa and our partners’ to meet regulatory requirements and achieve business and strategic objectives. Drive achievement of Cybersecurity objectives through management of internal and external security risks, monitoring assurance against required remediation deadlines, support in internal and external compliance reviews internal assessments of cyber security risk posture, operational and executive reports to stakeholders.</p>

Qualifications<br/>
<br/>
<p><b>Basic Qualifications</b></p><ul><li>Must have a High School diploma or equivalent</li><li>Pursuing a Masters degree in Cybersecurity, CS, Engineering, Networking, Information Systems, or related technical degree, graduating December 2020 or later</li><li>Maintain a 3.0 GPA or higher (4.0 scale)</li></ul><p><b>
Preferred Qualifications</b><br/>
Exposure and hands on experience in one of following areas, but not limited to:</p><p><b>
Application Security:</b></p><ul><li>Supporting software development / QA specially web services, security tools etc</li><li>Tech skills: Burp Suite, IDA pro, APKTool, Hopper, HP Fortify, CheckMarx (Sast/Dast), Cycript, XPosed, Charles, dex2jar, Kali Linux, Wireshark or any mobile security and/or penetration testing tools or frameworks</li></ul><p><b>
Development:</b></p><ul><li>SOAP / REST API, Web Services</li><li>Development tools such as Maven, Jenkins and Git</li><li>Different programming and scripting languages, such as Python, JavaScript, C++, Java or others</li></ul><p><b>
Machine Learning - Security Engineering:</b></p><ul><li>Software Development, Programming, and debugging using various programming languages and frameworks (object oriented programming, Golang, Python, Java, and C++, JavaScript);</li><li>Applying Machine Learning/Artificial Intelligence, data science, and statistics concepts including API integration, python, authentication, analysis, modeling, and visualization (python, sci-kit, numpy, matlab, algorithms)</li></ul><p><b>
Cybersecurity Analytics:</b></p><ul><li>Statistical and machine learning models</li><li>Exceptional coding skills and experience with high-level programming language like Scala, Python, Java for data analysis</li><li>Experience with tools for statistical computing (e.g. tensorflow, NumPy, SciPy)</li></ul><p><b>
Identity Access Management (IAM):</b></p><ul><li>Identity Management solutions like Oracle Identity Manager, Sailpoint or similar tools</li><li>IAM products related to Authentication, provisioning, authorization, SSO, and/or enterprise security protocols like SAML, OpenID, OAuth and/or mobile development (iOS/Android)</li><li>Business intelligence and analytics packages (Tableau, etc.), databases (SQL, etc.), scripting (PowerShell, VBScript, JavaScript) and programming (C#, Java, ETL frameworks)</li></ul><p><b>
Data Protection:</b></p><ul><li>Security technologies including data encryption, intrusion detection/prevention, event correlation, secure application development, etc</li><li>Security controls provided in common platforms and applications in the corporate environment including Unix, Linux, Windows, IBM Mainframe (zTPF, MVS), Oracle, MS SQL Server Microsoft Outlook, J2EE and .NET applications, etc</li></ul><p><b>
Platform System Admin:</b></p><ul><li>Linux and/or Windows</li><li>Administering, troubleshooting, and optimizing WebLogic</li><li>Code deployments into a Linux/WebLogic environment</li></ul><p><b>
Applied Cryptography:</b></p><ul><li>Encryption and key management security practices</li><li>Host Security Modules (HSM) administration practices and capabilities. (Desired)</li><li>CISM or CISA, ITIL, CRISC</li></ul><p><b>
Cyber Defense and Incident Response:</b></p><ul><li>Cyber Security Operations, Incident Response processes</li><li>Python and/or PowerShell scripting, YARA, RegEx and PCRE</li></ul><p><b>
Governance Risk and Compliance:</b></p><ul><li>Current information security and compliance vendor landscape</li><li>Control frameworks such as NIST-800-53, Center of Internet Security, ISO/IEC 27002</li><li>Regulatory requirements in particular PCI-DSS, GLBA, FFIEC, SOX, GDPR</li></ul><br/>
Additional Information<br/>
<br/>
<p><b>Work Hours:</b></p><ul><li>This position requires the incumbent to be available during core business hours</li></ul><p><b>
Travel Requirements:</b></p><ul><li>This position requires the incumbent to travel for work less than 10% of the time</li></ul><p><b>
Physical Requirements:
</b></p><ul><li>This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, and reach with hands and arms</li></ul><p><i>
Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.</i></p></body>
</html>